-
Notifications
You must be signed in to change notification settings - Fork 0
Amazon API Gateway
FullstackCodingGuy edited this page Feb 17, 2025
·
5 revisions
-
It is a managed service to Create, Publish, Maintain, Monitor, Secure APIs at any scale
-
Can create APIs in 2 ways RESTful, WebSocket
-
Traffic Management and Throttling
-
CORS Support
-
Authorization and access control
-
Monitoring
-
API Version Management
- Low latency
- Cost effective integrations
-
It is an architectural style that leverages the HTTP layer for communication
-
Rich feature sets
-
HTTP vs REST API - Refer this doc https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-vs-rest.html
- Multi Factor Authentication, OTP Validation
- Always use SSL/TLS for communication
- Setup CloudTrail to view all api calls and user activity in the account
- Encryption at rest and transit
- CloudWatch - to monitor performance metrics
- AWS Responsible for the infra, you are responsible for the data/software/app
- Leverage multiple Availability zones
- Plan for High Availability
- Analyse the security threats for your apis as it is directly exposed outside to internet users
- Create security zones - public and secure zone to protect sensitive services/databases from being exposed